package com.jfinal.core;

import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import com.jfinal.aop.Interceptor;
import com.jfinal.aop.Invocation;
import com.jfinal.core.Config;
import com.jfinal.kit.StrKit;
import com.jfinal.plugin.activerecord.Record;

import top.ewind.jfinal.ext.authorize.AuthModel;

public class AuthorAnnoInterceptor implements Interceptor {

	private static AuthModel authmodel;	
	public static Map<String, String> getAuthModelNames(){
		if(authmodel==null){
			return null;		
		}
		else return authmodel.getAmNames();
	}

	public AuthorAnnoInterceptor() {
		super();
		if(authmodel==null){
			authmodel = new AuthModel(Config.getRoutes());			
		}
	}	
	
	public void intercept(Invocation ai) {
		boolean acc = false;
		String path = ai.getViewPath();
		String usermodels = ai.getController().getSessionAttr("usermodels");
		Record user = ai.getController().getSessionAttr("sysuser");
		if (path.indexOf("/wx") != -1) {
			if (user == null){
				ai.getController().redirect("/wx");
				return;
			}
			if(user!=null){
					acc = true; 
			}
				
		} else{
		if(user==null){
        	ai.getController().redirect("/");
        	return;
		}
		if(user!=null&&StrKit.notBlank(usermodels)){
			String[] auths = usermodels.split(",");
			for(String auth : auths){
				acc = authmodel.access(auth, ai.getController(), ai.getMethod()); 
				if(acc) break;
			}
		}
		}
		if(acc){
			ai.invoke();
		}
		else{
			HttpServletRequest request = ai.getController().getRequest();
			if (request.getHeader("accept").toLowerCase().indexOf("json") > -1 ||
					(request.getHeader("X-Requested-With")!= null && request.getHeader("X-Requested-With").indexOf("XMLHttpRequest") > -1)) {  
				ai.getController().renderJson("{\"error\":\"401\",\"msg\":\"权限不足\"}");
	        } else {
	        	ai.getController().render("/common/_403.html");
	        }	
		}
	}

}